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1. A system comprising a trusted computing platform including one or more first 
logically protected computing environments (or "compartments") associated with 
initialisation of said system, and one or more second logically protected computing 
environments (or "compartments"), the one or each said second logically protected 
computing environment being associated with at least one service or process 
supported by said system, the system being arranged to load onto said trusted 
computing platform a predetermined security policy including one or more security 
rules for controlling the operation of each of said logically protected computing 
environments, such that said security rules relating to the or each first logically 
protected computing environment are arranged to be loaded onto said trusted 
computing platform when the system is initialised, and the one or more security rules 
relating to the or at least one of said second logically protected computing 
environments are only arranged to be loaded onto said trusted computing platform if 
one or more services or processes associated therewith are enabled. 

2. A system according to claim 1 , wherein one or more common variables are defined 
for each compartment, in respect of which the relevant security rules are only 
arranged to be added if that variable is enabled for a particular compartment. 

3. A system according to claim 2, wherein one or more of a number of variables 
associated with a directory of plug-ins are arranged to be added. 

4. A system according to claim 3, wherein the system is arranged to determine, in 
response to a compartment being enabled, the status of said variables and cause the 
relevant plug-in(s) to run only if an associated variable is 'true'. 

5. A system according to claim 4, wherein the or each compartment includes an 
operating system compartment arranged to be controlled by the operating system 
kernel. 
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6. A system according to claim 5, wherein the compartments and network resources are 
arranged so communication between them is provided via relatively narrow kernel 
level controlled interfaces to a transport mechanism. 

7. A system according to claim 6, wherein said communication interfaces are arranged 
to be governed by rules specified on a compartment by compartment basis. 

8. A system according to claim 7, including means for determining when a service is 
starting, and on being enabled, for loading the compartment associated with that 
service and loading the security rules associated with that service. 

9. A system according to claim 8, including means for determining when a service 
starts, and causing said security rules to be loaded accordingly. 

10. A system according to claim 1, wherein the or each compartment includes an 
operating system compartment arranged to be controlled by the operating system 
kernel. 

11. A system according to claim 1 , including means for determining when a service is 
starting, and on being enabled, for loading the compartment associated with that 
service and loading the security rules associated with that service. 

12. A method of loading a security policy onto a system including a trusted computing 
platform, said trusted computing platform including one or more first logically 
protected computing environments (or "compartments") associated with initialisation 
of said system, and one or more second logically protected computing environments 
(or "compartments"), the one or each said second logically protected computing 
environment being associated with at least one service or process supported by said 
system, said security policy comprising one or more security rules for controlling the 
operation of each of said logically protected computing environments, the method 
including the steps of loading said security rules relating to the or each first logically 
protected computing environment onto said trusted computing platform when the 
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system is initialised, and loading the one or more security rules relating to the or at 
least one of said second logically protected computing environments onto said trusted 
computing platform only if one or more services or processes associated therewith are 
enabled. 



